Blog Archives

All Archived Posts in Security



YorkUKNetworks

 

If you've been following me on Twitter over the last year, you might have seen the odd Tweet describing countless problems I had been experiencing on a daily occurrence with my website.

From having no problems whatsoever, hosted with York Networks since 2006, the last year or so had seen a complete downturn in site reliability and a deluge of hacks, attacks, bots and spam. I was experiencing all manor of issues, ranging from: brute-force log-in attempts, actual DoS attacks aimed at YorkUK Hosting and my site specifically, immense problems with comment spam, (oftentimes 1000's of spam comments/trackback in a single period on numerous days) site downtime for consecutive days, and general site slowness.

At this time I was on a shared server which meant the focus of the attacks on my site was affecting other YorkUK Hosting client's websites that were also sharing this same server. I know this posed many immense hassles for Nathan. I knew I was basically causing a shit storm of nightmares for him, and other website owners on this shared server.

Need to Find a UK Web Host? I Have Used YorkUK Hosting for 7 Years

Bear in mind that this shift from 100% reliability, for close to 7 years, to the complete opposite, seemed practically overnight, and was a complete shock to the system. At this point in time I had no real experience of WordPress vulnerabilities, had a pretty laxed attitude to it all, new nothing much about .htaccess, firewalls, Apache and it's various modules, WordPress security etc.

2013 up till now has been an incredibly challenging, frustrating, but also highly enlightening experience with my new found knowledge of all things: WordPress, various WordPress Security Plugins (Wordfence for one), .htaccess, Apache and associated modules, CDN's-Content Delivery Network Services (I use MaxCDN), cloud based web performance and security services (I use CloudFlare), good old grunt work, upgrade of servers, various forms of server security protocols, and more patience than I knew I ever had, and finally an unquenchable desire to completely give it back to all these lame-ass hackers, bots, bored teenagers looking for WordPress weaknesses and vulnerabilities.

YorkUK Hosting

I could, and can not, praise Nathan over YorkUK Hosting for his complete and constant dedication to helping getting to solve the multitude of problems that we faced, obviously as much for his own sanity and client well-fare, than just keeping me happy. But the fact is that we would be emailing at 1-2am in the morning, with suggestions, fixes, tweaks throughout all last year, even when I went to Devon in October, and realised my site was under the worse possible load, Nathan helped bring some order and saneness to my worried mind.

Being a self-employed logo designer, whose only real viewable shop window is my website, having any speed/reliability issues is frustrating, but knowing your site is, and continues to be down for days at a time, is a massive worry. I rely on my online logo design portfolio and blog to entice, delight and tickle hopeful new clients, and there is no room for my website to be down at all.

Although we didn't always have the answers at the time, often months of trying this and that, the journey that was taken has proven to be most rewarding, and enables us both to share and implement that knowledge and experience.

Sometimes it was easy to think it was simply the hosts fault, but I knew that I had to just keep chugging along, and keep focused on resolving rather than blaming. To move hosts would be a pointless exercise in many ways, but the main reason is that I was sure the problems would just follow my website/URL where ever I went, and crucially? Would I really find someone as completely dedicated (Nathan) to helping one of their clients (me) as passionately and as patiently as he did, I don't really think so. I also like to think I'm quite loyal in that regard, and tend not to make 'major' decisions without a lot of consideration. One doesn't simply throw away 6 years of practically 100% website uptime, when one hits a bad patch. Yeah sure, I do get stressed, I do panic, I do whittle off little panicked emails at 2am in the morning, but as I mentioned earlier, this experience was incredible frightening, and completely overwhelming to my own confidence.

The reality is now that my site is super secure, and much improved overall in WordPress site performance: we know the weak spots, we know what to look for and monitor. This whole experience has taught me that being more than pro-active is the only and best way if you have an active WordPress website and blog. 

Patience of a Saint

Obviously I can most heartily recommend YorkUK Hosting if you are looking for a good website host, but even if you are not looking for a new host, it's worth considering and contemplating the sort of relationship you have with the host you have right now. More so if your website is super important to you, but you've yet to hit the nightmare that took me and my site down a horrible horrible path all of last year.

When things are seemingly falling down all around you, having someone who seems to have, and exceed, the patience of a Saint is pretty bloody fortunate.

Oh, and no. I'm not affiliated in anyway with Nathan and YorkUK Hosting, there are no kick-backs or financial incentives to post about them. It's simply about time I wrote how greatful I am to have a host as dedicated as Nathan.

Cloudflare Plans

Practical tips, resources, help and guidance to come in more posts

I'll be following this post up with loads of security and performance: practical tips, resources, help and guidance that I have accumulated in this time, and hopefully this will be useful to some of you, at some point. The first post, in a few days, will probably cover just CloudFlare, as this is frankly the single bestest thing anyone can implement to introduce immediate security and performance benefits. With the a Free plan, which is for most people enough, there is simply not much of a reason not to consider it.

I've actually upgraded to the paid Business Plan, I like it that much. I haven't bought the company yet though… :)